- Mar 16, 2019
The infosec community has long been warning that ransomware has the potential to grow into the number one cyberthreat for business. However, since ransom demands were low and malware distribution was a lot less effective a few years ago, many organizations paid those predictions no heed and are now paying large ransoms.
Fast forward to today: with countless reports of ransomware incidents in the media and hundreds of millions of brute-force attacks daily – a common gateway for ransomware – remaining defenseless is no longer an option. In the latest refresh of our popular white paper, Ransomware: A criminal art of malicious code, pressure and manipulation, we explain what led to the worrying increase in severity of ransomware attacks, but also what defenders need to do to keep their organizations out of the danger zone.
Let’s start with the numbers. Between January 2020 and June 2021, ESET’s brute-force attack protection prevented more than 71 billion attacks against systems with publicly accessible Remote Desktop Protocol (RDP) ports, demonstrating that protocol’s popularity among cybercriminals as an attack surface. While the most notable growth occurred in the first half of 2020, mirroring the lockdowns caused by the global pandemic, the highest daily figures were seen in the first half of 2021.
Figure 1. Number of brute-force attacks has been growing since beginning of 2020, reaching the highest daily figures in H1 2021.
The comparison of H1 2020 and H1 2021 shows an enormous 612% growth of these password-guessing attacks against RDP. The average daily number of unique clients reporting such attacks has also increased significantly, growing from 80,000 in H1 2020 to more than 160,000 (+100%) in H1 2021.
Figure 2. According to ESET telemetry, the detection trend of RDP brute-force attacks shows continuous growth with several large spikes in 2021.
But RDP isn’t the only distribution channel currently being............Read more
Full research paper link:
Ransomware: A look at the criminal art of malicious code, pressure, and manipulation